Export limit exceeded: 21211 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (21211 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-25604 1 Dvd-x-player 1 Dvd X Player 2026-07-15 8.4 High
DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges.
CVE-2019-25597 2 Nsasoft, Nsauditor 2 Nsauditor, Nsauditor 2026-07-15 6.2 Medium
NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial of service condition.
CVE-2019-25589 2 Ejinshan, Emtec 3 Terminal Security System, Zoc, Zoc Terminal 2026-07-15 6.2 Medium
ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when accessing the Command Shell feature.
CVE-2019-25485 1 R-project 1 R 2026-07-15 6.2 Medium
R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler chain pivot and execute arbitrary shellcode with application privileges.
CVE-2019-25478 1 Getgosoft 1 Getgo Download Manager 2026-07-15 7.5 High
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make it unavailable.
CVE-2019-25477 2 Krylack, Top Password Software 2 Rar Password Recovery, Rar Password Recovery 2026-07-15 6.2 Medium
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration Code field to trigger an application crash.
CVE-2019-25469 1 Newsoftwares 1 Folder Lock 2026-07-15 6.2 Medium
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field to trigger a denial of service condition.
CVE-2019-25466 1 Sharing-file 1 Easy File Sharing Web Server 2026-07-15 8.4 High
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh value and seh pointer to trigger the overflow when adding a new user account.
CVE-2019-25243 1 Iwt 2 Facesentry Access Control System, Facesentry Access Control System Firmware 2026-07-15 8.8 High
FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters.
CVE-2018-25212 2 Boxoft, Vmware 2 Wav To Wma Converter, Converter Enterprise Client 2026-07-15 8.4 High
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.
CVE-2017-20229 2 Invisible-island, Mawk 2 Mawk, Mawk 2026-07-15 9.8 Critical
MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programming chain to spawn a shell with application privileges.
CVE-2016-20044 2 Pinfo, Surf 2 Pinfo, Pinfo 2026-07-15 8.4 High
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
CVE-2024-58294 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2026-07-14 8.8 High
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.
CVE-2025-66576 2 Intel, Remotecontrolio 2 Remote Keyboard, Remote Keyboard Desktop 2026-07-14 9.8 Critical
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution.
CVE-2025-34043 1 Nuuo 1 Network Video Recorder 2026-07-14 N/A
A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated attackers to pass arbitrary commands to the underlying operating system via crafted HTTP requests. These commands are executed with the privileges of the web server process, enabling remote code execution and potential full device compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.
CVE-2025-34041 1 Symantec 1 Endpoint Detection And Response 2026-07-14 N/A
An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chinese-language EDR builds. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
CVE-2026-15685 1 Ollama 1 Ollama 2026-07-14 7.5 High
Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadBlob function. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated array. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-27277.
CVE-2026-48864 2 Opensuse, Redhat 9 Libsolv, Enterprise Linux, Hardened Images and 6 more 2026-07-14 7.8 High
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service.
CVE-2026-49959 2 Get-hermes, Nesquena 2 Hermes Web Ui, Hermes-webui 2026-07-14 8.8 High
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in api/workspace_git.py through vectors such as core.fsmonitor during git status, protocol.ext.allow with ext:: remotes during git fetch, credential.helper, core.askPass, core.gitProxy, or inherited environment variables including GIT_SSH_COMMAND to achieve arbitrary command execution on the host running the application.
CVE-2026-40519 1 Nginxproxymanager 1 Nginx Proxy Manager 2026-07-14 7.5 High
Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS command injection in the setupCertbotPlugins() function in backend/setup.js, allowing attackers with certificates:manage permission to execute arbitrary commands by storing a malicious payload in the dns_provider_credentials field. The user-controlled dns_provider_credentials value is interpolated directly into a shell command executed via child_process.exec() without sanitization or escaping, causing the injected command to execute upon backend restart.